Metaforic Announces Protection for Android Financial Applications

San Jose, CA - 1 May 2012

World-class software hardening extended to defend against fraud and theft

Metaforic, the innovative software security company, today announced that it had extended its world-class software hardening technology to protect Financial Applications on the Android platform, which face a range of new and potentially devastating threats. Using this specially designed technology, Banks and Financial Institutions developing on Android can minimize fraud and theft vulnerabilities, protecting both themselves and their users.

Gartner forecasts mobile payment transaction value worldwide to grow from $86 billion in 2011 to $426 billion in 2015. Similarly, Gartner forecasts worldwide mobile payment users to increase from over 141 million today to almost 350 million in 2015.[i]

This rapid growth in financial application use has resulted in new attacks from organized criminals and hackers. There has been an exponential increase in custom malware that has a strong focus on compromising financial transactions that are initiated from a device or authenticated by a device. For example, Fortinet are reporting that the mobile ZeuS malware kit now has installations for man in the middle attacks on Android. Lookout report that the sophistication of attacks is on the increase too, with the LeNa malware now able to run Gingerbreak to provide super user root access to any phone without intervention of the user.

Avivah Litan, Gartner VP and Distinguished Analyst said,[ii] "Mobile malware can compromise the integrity and security of user credentials or data entered on mobile devices. It can be used to take over user accounts, or to perpetrate fraud or theft of server-based assets."

Metaforic immunizes financial software and data from fraud and theft, bringing protection to banks and their customers. MetaFortress defeats the most common attacks on smart phone financial applications, including:

Authentication interference, mTAN theft and subversion

Silent activity, such as SMS fraud

Repackaging financial applications with malicious malware

Infecting or analysing financial applications with trojans

Any binary or static data change from hacking or malware

Said Andrew McLennan, Metaforic CMO: "The rapid explosion of financial applications on Smart Phones has created a new attack surface for criminals intent on theft and fraud. We're excited to help our banking customers stop these attacks and to continue to bring their great new applications to Android."